Secure Boot Vulnerability in AXIS OS Affects Axis Communications Devices
CVE-2023-5553

6.8MEDIUM

Key Information:

Vendor: Axis Communications Ab
Status: Axis Os
Vendor: CVE Published:; 21 November 2023

What is CVE-2023-5553?

A vulnerability has been identified in the Secure Boot mechanism of AXIS OS, which may allow sophisticated attackers to bypass critical protections against device tampering. During routine threat modelling, Axis Security uncovered this flaw, highlighting the need for immediate attention. Although there are no known exploits, Axis has proactively released patched versions of AXIS OS to mitigate potential risks. For detailed guidance on addressing this vulnerability, please refer to the security advisory provided by Axis.

Affected Version(s)

AXIS OS ARTPEC 8 AXIS OS 10.8 - 11.6

References

https://www.axis.com/dam/public/0a/66/25/cve-2023-5553-en...

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 21, 2023
Vulnerability Reserved
Oct 12, 2023

Axis Communications Ab

What is CVE-2023-5553?

Affected Version(s)

References

CVSS V3.1

Timeline